package com.cloudwise.gproject.config;

import com.cloudwise.gproject.util.BussinessConstants;
import com.cloudwise.gproject.util.MyCustomRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author ：卫子健
 * @date ：Created in 2021/3/18 18:47
 * @description：shiro安全框架配置类
 * @modified By：
 * @version:
 */
@Configuration//相当于spring-shiro-config.xml中beans
public class ShiroConfigration {
    /**
     *实例化shiro过滤工厂类
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //依赖注入安全管理器
        shiroFilterFactoryBean.setSecurityManager(securityManager());
        //配置登录失败后，跳转的页面
        shiroFilterFactoryBean.setLoginUrl("/user/toLogin");
        //配置默认页面
        shiroFilterFactoryBean.setSuccessUrl("/backIndex/toIndex");
        //配置未认证页面
        //shiroFilterFactoryBean.setUnauthorizedUrl();
        //实例化时，要保证url地址的有序性，所以一定不能使用hashMap
        // Map ChainDefinitionMap = new HashMap();
        // LinkedHashMap按照放入顺序取加载
        Map ChainDefinitionMap = new LinkedHashMap();
        //配置放行的静态资源，以后有的继续添加
        ChainDefinitionMap.put("/layui/**","anon");
        ChainDefinitionMap.put("/model/**","anon");
        //放行请求路径
        ChainDefinitionMap.put("/user/toLogin","anon");
        ChainDefinitionMap.put("/user/login","anon");
//        ChainDefinitionMap.put("/","anon");
        ChainDefinitionMap.put("/front/**","anon");
        //登出
        ChainDefinitionMap.put("/logout","logout");
        //配置拦截路径
        ChainDefinitionMap.put("/**","authc");
        //配置放行和拦截的请求路径
        shiroFilterFactoryBean.setFilterChainDefinitionMap(ChainDefinitionMap);

        return shiroFilterFactoryBean;
    }

    /**
     *把shiro的bean交给spring管理
     * @return
     */
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
        LifecycleBeanPostProcessor lifecycleBeanPostProcessor =new LifecycleBeanPostProcessor();
        return lifecycleBeanPostProcessor;
    }
    /**
     * 实例化SecurityManager
     * @return
     */
    @Bean
    public DefaultWebSecurityManager securityManager(){
        DefaultWebSecurityManager defaultWebSecurityManager =new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(myCustomRealm());
        return defaultWebSecurityManager;
    }

    /**
     * 配置安全数据连接器Realm
     * @return
     */
    @Bean
    public MyCustomRealm myCustomRealm(){
        MyCustomRealm myCustomRealm =new MyCustomRealm();
        //配置缓存
        // myCustomRealm.setCacheManager(cacheManager());
        //依赖注入cm
        myCustomRealm.setCredentialsMatcher(cm());
        return myCustomRealm;
    }

    /**
     * 实例化缓存
     * @return
     */
    //@Bean
    public CacheManager cacheManager(){
        CacheManager cacheManager =new EhCacheManager();
        return cacheManager;
    }
    /**
     * 配置验证匹配器(配置加密算法和哈希次数)
     * @return
     */
    @Bean
    public HashedCredentialsMatcher cm(){
        HashedCredentialsMatcher hashedCredentialsMatcher =
                new HashedCredentialsMatcher();
        //算法名称
        hashedCredentialsMatcher.setHashAlgorithmName(BussinessConstants.userCheck.ALGORITHM_NAME);
        //哈希次数
        hashedCredentialsMatcher.setHashIterations(BussinessConstants.userCheck.HASH_ITERATOR);
        return hashedCredentialsMatcher;
    }
}
